"The Corporations Act has provisions in place, but you can drive a truck through those provisions," Mr Sheehy said on Friday.

"That's exactly what people have been doing."

Advertisement

The Corporations Act prohibited persons or organisations from obtaining share registers for things such as marketing purposes.

Mr Sheehy said those seeking access to share registers were not required to offer a reason for doing so. All that was required was a $250 fee.

As a result, a wide number of people and organisations, including charities, stockbrokers, investment companies and even genealogical societies had sought access to share registers and companies were unable to stop them.

Mr Sheehy said a "proper purpose" test would help reduce the instances of obtaining share registers for non-shareholding related reasons.

The test would require those seeking access to state the purpose for which the information will be used, with an external body such as the Takeovers Panel to assess whether the request is for a proper purpose.

Mr Sheehy said access rules for normal activities, such as to conduct an attempted takeover or for shareholders to put something before other shareholders, would be unchanged.

The CSA "proper purpose test" was part of the organisation's submission in response to the federal government options paper entitled "Access to share registers and the regulation of unsolicited off market offers".

In the submission, CSA said 95 per cent of requests for access to company registers were from non-shareholders.

Mr Sheehy said one major bank had received 11 share register requests in the past two years, of which only one was a legitimate request from a shareholder.

"That's just an example of what's happening out there and it is repeated across all of the major listed companies," Mr Sheehy said.

Mr Sheehy said charities were attempting to determine the amount of shares held by some of their principal donors through share registers.

"Through data matching and so forth, they can get a picture of a person's shareholding across a range of companies," Mr Sheehy said.

"They can then approach them with far more information than they had in the past.

"We think that is an invasion of someone's privacy."

Mr Sheehy said shareholders should have similar privacy protection as users of other financial products such as superannuation or bank accounts.